From 09b242a5c7d3af5ab66a959da068af02cdaca48e Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Tue, 5 Jan 2016 10:30:16 +0100 Subject: [PATCH] routes: fix handling device-routes for IPv4 peer-addresses (rh #1294309) --- 0001-rh1294309-peer-device-route.patch | 55 ++++++++++++++++++++++++++ NetworkManager.spec | 9 ++++- 2 files changed, 63 insertions(+), 1 deletion(-) create mode 100644 0001-rh1294309-peer-device-route.patch diff --git a/0001-rh1294309-peer-device-route.patch b/0001-rh1294309-peer-device-route.patch new file mode 100644 index 0000000..be07c56 --- /dev/null +++ b/0001-rh1294309-peer-device-route.patch @@ -0,0 +1,55 @@ +From 01ec441715e24ce43394fe7aad34501ef538386e Mon Sep 17 00:00:00 2001 +From: Thomas Haller +Date: Mon, 4 Jan 2016 18:54:26 +0100 +Subject: [PATCH 1/1] core: fix failure to configure routes due to wrong + device-route for IPv4 peer-addresses + +As in the case of a OpenVPN connection, we might add an address like: + 10.8.0.58/32 ptp 10.8.0.57 + +In this case, kernel would automatically add a device-route like: + 10.8.0.57/32 via 0.0.0.0 dev 32 metric 0 mss 0 src rtprot-kernel scope link pref-src 10.8.0.58 + +nm_ip4_config_commit() checks all IP addresses to figure out +the present device-routes. Then the routes are synced by NMRouteManager. +Due to a bug, we would not consider the peer-address, but the local-address +and configure a route 10.8.0.58/32, instead of 10.8.0.57/32. + +That stays mostly unnoticed, because usually the peer and the local-address are +in the same subnet, so that there is no difference (/32 is an example of the +peer-address being in a different subnet). + +It also seems that due to a bug fixed by df4e5357521 this issue didn't surface. +Probably because we would not notice the 10.8.0.57/32 right away and thus +nm_route_manager_ip4_route_sync() would not wrongly delete it. + +https://bugzilla.gnome.org/show_bug.cgi?id=759892 + +https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809195 +https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809494 +https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809526 +https://bugs.archlinux.org/task/47535 +https://bugzilla.redhat.com/show_bug.cgi?id=1294309 +https://mail.gnome.org/archives/networkmanager-list/2015-December/msg00059.html +(cherry picked from commit 11aa07ed939193e85516c287a57dee1837242972) +--- + src/nm-ip4-config.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/nm-ip4-config.c b/src/nm-ip4-config.c +index f625d35..61e29af 100644 +--- a/src/nm-ip4-config.c ++++ b/src/nm-ip4-config.c +@@ -298,7 +298,8 @@ nm_ip4_config_commit (const NMIP4Config *config, int ifindex, gboolean routes_fu + + route.ifindex = ifindex; + route.source = NM_IP_CONFIG_SOURCE_KERNEL; +- route.network = nm_utils_ip4_address_clear_host_address (addr->address, addr->plen); ++ route.network = nm_utils_ip4_address_clear_host_address (addr->peer_address ? : addr->address, ++ addr->plen); + route.plen = addr->plen; + route.pref_src = addr->address; + route.metric = default_route_metric; +-- +2.5.0 + diff --git a/NetworkManager.spec b/NetworkManager.spec index c8ce4ba..398b962 100644 --- a/NetworkManager.spec +++ b/NetworkManager.spec @@ -8,7 +8,7 @@ %define ppp_version %(rpm -q ppp-devel >/dev/null && rpm -q --qf '%%{version}' ppp-devel || echo -n bad) %define snapshot %{nil} -%define release_version 1 +%define release_version 2 %define realversion 1.0.10 %define epoch_version 1 @@ -86,6 +86,9 @@ Source4: 20-connectivity-fedora.conf # Not upstream. Patch0: 0000-explain-dns1-dns2.patch +# nm-1-0 backports +Patch1: 0001-rh1294309-peer-device-route.patch + BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) %if 0%{?fedora} && 0%{?fedora} < 20 @@ -361,6 +364,7 @@ by nm-connection-editor and nm-applet in a non-graphical environment. %prep %setup -q -n NetworkManager-%{realversion} %patch0 -p1 +%patch1 -p1 %build @@ -679,6 +683,9 @@ fi %endif %changelog +* Tue Jan 5 2016 Thomas Haller - 1:1.0.10-2 +- routes: fix handling device-routes for IPv4 peer-addresses (rh #1294309) + * Wed Dec 23 2015 Lubomir Rintel - 1:1.0.10-1 - Update to 1.0.10 release